Why this CompTIA Security+ course?
In just four days this high-value course prepares attendees for the latest CompTIA Security+ exam. Delegates get a rounded understanding of all modern IT security concepts, with answers to any questions on IT and network security – cabled and wireless – to any depth. LEVER’s unique delivery through direct subject-on-demand consultation with practicing industry experts guarantees maximum value and success in your CompTIA Security+ exam.
CompTIA Security+ Training Course Objectives
On completing this course, you will be able to:
- Demonstrate knowledge and competence in essential security technologies, tools and tasks.
- Understand how Security+ concepts are applied in the real World.
- Compare and contrast attacks and security controls.
- Use a range of security assessment tools.
- Explain cryptography concepts and implement a public key infrastructure.
- Implement identity and access management controls.
- Implement a secure network architecture.
- Install and configure wireless and physical access security.
- Implement secure network access protocols and network applications.
- Explain risk management, disaster recovery, application security and organisational security concepts.
Who should attend this CompTIA Security+ course
- Everyone wanting to gain their CompTIA Security+ certification in the shortest possible time.
- All IT professionals wanting to gain and demonstrate competence in IT security.
CompTIA Security+ Examination
This course prepares attendees to take the CompTIA Security+ exam with confidence.
Lifetime Post-Course Support
After completing this CompTIA Security+ training course, delegates receive lifetime post-training support from LEVER Technology Group, to help them apply the technologies and skills they have learned with us, to provide career-long support, and to ensure they are better equipped for their future roles in IT and networking.
CompTIA Security+ Training Course Content
Managing Risk
- Risk Terminology
- Threat Assessment
- Risk Assessment
- Computing Risk Assessment
- Assessing Privacy
- Acting on Your Risk Assessment
- Risks Associated with Cloud Computing
- Risks Associated with Virtualisation
- Developing Policies, Standards, and Guidelines
- Implementing Policies
- Understanding Control Types and False Positives/Negatives
- Risk Management Best Practices
- Change Management
Monitoring and Diagnosing Networks
- Monitoring and Diagnosing Networks Terminology
- Frameworks, Best Practices, and Configuration Guides
- Industry-Standard Frameworks and Reference Architectures
- National Institute of Standards and Technology (NIST)
- Benchmarks/Secure Configuration Guides
- Secure Network Architecture Concepts
- Zones
- Tunneling/VPN
- Placing Security Devices
- SDN
- IDS vs. IPS
- Secure Systems Design
- Hardware and Firmware Security
- Operating Systems
- Peripherals
- Secure Staging Deployment Concepts
Understanding Devices and Infrastructure
- Infrastructure Terminology
- Designing with Security in Mind
- Firewalls
- VPNs and VPN Concentrators
- Intrusion Detection Systems
- Router
- Switch
- Proxy
- Load Balancer
- Access Point
- SIEM
- DLP
- Network Access Control (NAC)
- Mail Gateway
- Bridge
- SSL/TLS Accelerators
- SSL Decryptors
- Media Gateway
- Hardware Security Module
Identity and Access Management
- Using Tools to Assess Your Network
- Protocol Analyser
- Network Scanners
- Password Cracker
- Vulnerability Scanners
- Command-Line Tools
- Additional Tools
- Troubleshooting Common Security Issues
- Access Issues
- Configuration Issues
- Security Technologies
- Intrusion Detection Systems
- Antimalware
- Firewalls and Related Devices
- Other Systems 150
- Identity and Access Management Concepts
- Identification vs. Authentication
- Authentication (Single Factor) and Authorisation
- Multifactor Authentication
- Biometrics
- Federations
- Potential Authentication and Access Problems
- LDAP
- PAP, SPAP, and CHAP
- Kerberos
- Working with RADIUS
- TACACS, TACACS+, XTACACS
- OATH
- One-Time Passwords
- SAML
- Install and Configure Identity and Access Services
- Mandatory Access Control
- Discretionary Access Control
- Role-Based Access Control
- Rule-Based Access Control
- ABAC
- Smartcards
- Tokens
- File and Database Security
Wireless Network Threats
- Wireless Threat Terminology
- Wireless Vulnerabilities to Know
- Replay
- Rogue APs and Evil Twins
- Jamming
- WPS
- Bluejacking
- Bluesnarfing
- NFC and RFID
- Disassociation
- Wireless Commonsense
- Wireless Attack Analogy
Securing the Cloud
- Cloud-Related Terminology
- Working with Cloud Computing
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
- Private Cloud
- Public Cloud
- Community Cloud
- Hybrid Cloud
- Working with Virtualisation
- Understanding Hypervisors
- Understanding Containers and Application Cells
- VDI/VDE
- On-Premise vs. Hosted vs. Cloud
- VM Escape Protection
- VM Sprawl Avoidance
- Security and the Cloud
- Cloud Access Security Brokers
- Cloud Storage
- Security as a Service
Host, Data, and Application Security
- Threat Actors and Attributes
- Script Kiddies
- Hacktivist
- Organised Crime
- Nation-States/APT
- Insiders
- Competitors
- Use of Open Source Intelligence
- Types of Vulnerabilities
- Configuration Issues
- User Issues
- Zero-Day Exploits
- Other Issues
- Embedded Systems Security
- Application Vulnerabilities
- Input Vulnerabilities
- Memory Vulnerabilities
- Secure Programming
- Programming Models
- Software Testing
- Specific Types of Testing
- Secure Coding Standards
- Application Configuration Baselining
- Operating System Patch Management
- Application Patch Management
- Other Application Security Issues
- Databases and Technologies
- Database Security
- Secure Configurations
- Code Issues
Cryptography
- An Overview of Cryptography
- Historical Cryptography
- Modern Cryptography
- Working with Symmetric Algorithms
- Working with Asymmetric Algorithms
- Cryptography Concepts
- Hashing Algorithms
- Rainbow Tables and Salt
- Key Stretching
- Cryptanalysis Methods
- Wi-Fi Encryption
- Using Cryptographic Systems
- Confidentiality and Strength
- Integrity
- When to Encrypt
- Digital Signatures
- Authentication
- Nonrepudiation
- Key Features
- Understanding Cryptography Standards and Protocols
- The Origins of Encryption Standards
- Public Key Infrastructure X.509/Public Key Cryptography Standards
- X.509
- Public Key Infrastructure
- Pretty Good Privacy
- SSL and TLS
- Using Public Key Infrastructure
- Hardware-Based Encryption Devices
- Data Encryption
- Authentication
Threats, Attacks, and Vulnerabilities
- Threat and Attack Terminology
- Living in a World of Viruses
- Symptoms of a Virus Infection
- How Viruses Work
- Types of Viruses
- Managing Spam to Avoid Viruses
- Antivirus Software
- Malware
- Understanding Various Types of Application/Service Attacks
- Identifying Denial-of-Service and Distributed Denial-of-Service Attacks
- Man-in-the-Middle Attacks
- Buffer Overflow
- Injection
- Cross-Site Scripting and Request Forgery
- Privilege Escalation
- ARP Poisoning
- Amplification
- DNS Poisoning
- Domain Hijacking
- Man-in-the-Browser
- Zero-Day Exploits
- Replay Attacks
- Pass the Hash
- Hijacking and Related Attacks
- Driver Manipulation
- MAC and IP Spoofing Attacks
Social Engineering and Other Foes
- Social Engineering and Physical Security Terminology
- Understanding Social Engineering
- Types of Social Engineering Attacks
- What Motivates an Attack?
- The Principles Behind Social Engineering
- Social Engineering Attack Examples
- Understanding Physical Security
- Lighting
- Signs
- Fencing, Gates, and Cages
- Security Guards
- Alarms
- Safe
- Secure Cabinets and Enclosures
- Protected Distribution
- Protected Cabling
- Airgap
- Mantrap
- Faraday Cage
- Lock Types
- Biometrics
- Barricades/Bollards
- Tokens/Cards
- Environmental Controls
- Cable Locks
- Screen Filters
- Cameras
- Motion Detection
- Logs
- Infrared Detection
- Key Management
- Various Control Types
- An Analogy of Control Types
- Data Security and Privacy Practices
- Data Destruction and Media Sanitation
- Data Sensitivity Labeling and Handling
- Data Roles
- Data Retention
- Legal and Compliance
Security Administration
- Connection Types
- Cellular
- Bluetooth
- Wi-Fi
- Infrared
- Satellite Communications
- Mobile Devices
- BYOD Issues
- Enforcement
- Account Management Concepts
- Account Types
- General Concepts
Disaster Recovery and Incident Response
- Disaster and Incident Related Terminology
- Penetration Testing
- What Should You Test?
- Vulnerability Scanning
- Issues Associated with Business Continuity
- Types of Storage Mechanisms
- Crafting a Disaster-Recovery Plan
- Incident Response Procedures
- Understanding Incident Response